Detection Engineer

Were looking for a Detection Engineer to join our expanding Information Security team who thrives on innovation loves working across disciplines and brings new ideas to the team. This is your chance to take ownership experiment and grow into a role with the opportunity to make a real impact.

This isnt your average SOC role. At Our Future Health the boring bits of the SOC are outsourced leaving you with the exciting highimpact work that shapes how we detect and respond to threats at scale. Youll collaborate closely with our inhouse Threat team and our outsourced SOC partner building unique detection capabilities that go beyond just SIEM detections. Think KQL scripting Microsoft Sentinel Azure Kubernetes and cloudnative log sources all while applying MITRE frameworks and helping to configure and tune other core security controls like DLP to keep us ahead of the threat landscape.

If you want to design detections that matter and be part of something unique that is the first of its kind at this scale then this is the role for you.

At Our Future Health our mission is to transform the preventiondetectionand treatment of conditions such as dementia cancer diabetes heart disease and stroke. Were looking for people to join us on our journey. If youre looking for a new challenge where you can contribute to helping future generations live in good health for longer then were keen to speak with you.

What youll be doing

• Developing new threat-led detections in collaboration with our threat teambased on both threat intelligenceand the results of threat hunts.
• Creating novel analytic methods and techniques for incident detection.
• Working with our MSP provided SOC tomaintainour detectioncatalogueand tune existing rules.
• Developing and tuning Data Loss Prevention Insider RiskManagementand other types of security rules withinMicrosoft Purviewand other key security monitoring tools.
• Alongside our Head of Cyber Defence supervising the MSP SOC to ensure a high-quality service is provideddetections and other types of engineering work are delivered to theappropriate standardand that the maturity (inc. efficiency) of our security monitoring is continually improving.
• Supporting the development ofautomated custom reports on security operational performance and broader security topics (using Sentinel workbooks).
• Collaborating with wider tech and security teams on theappropriatesecuritymonitoringfor our various systems including cloud platforms SaaS applications and inhouse developed systems.
• Documenting securityprocesses and security tool low-level design/configuration.
• Contributing to the development of security service delivery and operation documentation.
• Supporting the security engineers threatanalystsand wider security team with their various responsibilities including achieving andmaintainingISO 27001 certification andanything that involves KQL.

What you wont be doing

• Working in a siloed environment with no freedom to make decisions.
• Working in a place where you cant see the impact your expertise makes.

To succeed in this role you will be able to demonstrate some of the following skills and experience:

• Highly proficient in writing KQL and ideallysome level ofproficiencyinPythonand Terraform.
• Significant hands-on experience with Microsoft Sentinel.
• Experience with Microsofts Defender suite in particular Defender for Endpoints and Defender for O365.
• Experience with Microsoft Entra ID (previously AAD) including the Identity Governance capabilities.
• Experience withMicrosoft Purview tooling in particular MPIP and Purview Data Loss Prevention.
• Experience with cloud-native logging(in particular Azureand Kubernetes).
• Experience of an everything-as-codeor at least a detection-as-codeapproach including CI/CD pipelines.
• Exposure to working with/inside an MSP SOC.
• Exposure to Agile working.
• Knowledge of attacker Tactics Techniques and Procedures (TTPs).
• Knowledge of statistics datascienceand AI/MLin particular whenapplied to cyber security.
• Knowledge ofISO 27001.
• Desire to be part of a small fast-paced team.
• Relevant certifications such as: Microsoft certifications (MS-500 AZ-500 SC-200 SC-300 SC-400) CompTIA Security GIAC Security Operations Certified (GSOC) Cloud Security Alliance CCSK.

• Salary from 55000 per annum.
• Generous Pension Scheme We invest in your future with employer contributions of up to 12%.
• 30 Days Holiday Bank Holidays Enjoy a generous holiday allowance with the flexibility to take bank holidays when it suits you.
• Enhanced Parental Leave Supporting you during lifes biggest moments.
• Cycle to Work Scheme Save 25-39% on a new bike and accessories through salary sacrifice.
• Home & Tech Savings Get up to 8% off on IKEA and Currys products spreading the cost over 12 months through salary sacrifice
• 1000 Employee Referral Bonus Know someone amazing Get rewarded for bringing them on board!
• Wellbeing Support Access to Mental Health First Aiders plus 24/7 online GP services and an Employee Assistance Programme for you and your family.
• A Great Place to Work We have a lovely Central London office in Holborn and offer flexible and remote working arrangements.

Join us - letsprevent disease together.

At Our Future Health we recognise the importance of having a diverse workforce and ensuring that all candidates regardless of their background have equitable access to our application process. We proactively encourage applicants who identify as having a disability neurodiversity or long-term health conditions to let us know if they require any reasonable adjustments as part of their application process.

If you do require any reasonable adjustments please email us at

Required Experience:

IC